On Mon, Jun 01, 2015 at 04:58:07PM -0400, Phillip Hallam-Baker wrote: > On Mon, Jun 1, 2015 at 4:15 PM, Brian E Carpenter < > brian.e.carpenter@xxxxxxxxx> wrote: > > > Hi, > > > > I think this is reasonable. However, it seems necessary to qualify it > > by pointing out that users of HTTPS remain exposed to traffic analysis > > (e.g. see https://arxiv.org/pdf/1403.0297). > > > > Agreed. > > But I would add a note to say that blocking traffic analysis is something > that requires link layer encryption. I don't think we can do much to > prevent that type of attack in IETF but we could stir IEEE to do something > useful. Traffic analysis might be happening far from the client, and might be happening on middle boxes controlled by the attacker. (Which is not to say that we shouldn't bother with link-layer encryption in addition to end-to-end encryption.) There are many traffic analysis considerations. For this particular purpose it should suffice to refer to traffic analysis in general. Though it might be useful to add recommendations about things like length masking (since otherwise even just the lengths of packets might suffice to identify the resources a user is accessing). Nico --